package com.zh.authresource.controller;

import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * 公开的资源，无需认证即可访问
 */
@Slf4j
@RestController
@RequestMapping("/open")
public class OpenController {

    /**
     * 不受保护的资源
     *
     * @return
     */
    @GetMapping("/hello")
    public String hello() {
        System.out.println("call hello ...");
        var authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            System.out.println("authentication name = "+authentication.getName()+" , isAuthenticated = " + authentication.isAuthenticated());
        }
        return "hello world";
    }

}
